PDF Generator’s Eternal Bond with SSRF

During an application security assessment, we came across a Server-Side Request Forgery (SSRF) vulnerability that was reachable through HTML injection in a PDF and image generator.

As the vulnerability name suggests, an adversary forces a vulnerable web server to access internal or external resources that the server has access to, for purposes such as retrieving local files, network scanning, etc.

First things first …

Let’s understand the functionality that led to the SSRF. There is a module for ID card generation that takes user input such as company name, employee name, etc., and the form can be downloaded as a PDF or as an image. So the first thing that comes to mind is to check whether input validation is in place and how the input gets rendered in the PDF or image.
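The check described above, as an added example that is not code from the original post: it compares raw and HTML-escaped interpolation of the ID card fields and audits the markup the renderer would receive for injected tags or attributes that trigger a fetch. The template, field names, helper names and sample values are assumptions constructed for illustration.

```python
import html
from html.parser import HTMLParser

# Hypothetical ID card template; the field names are assumptions for this example.
TEMPLATE = "<div class='card'><h1>{company}</h1><p>{employee}</p></div>"
EXPECTED_TAGS = ["div", "h1", "p"]  # the template's own elements, in order

# Attributes that make an HTML renderer issue a request of its own.
FETCHING_ATTRS = {"src", "href", "data", "srcset", "poster", "action"}

def render_unsafe(company, employee):
    """Before: user input is placed into the markup as-is."""
    return TEMPLATE.format(company=company, employee=employee)

def render_escaped(company, employee):
    """After: every field is HTML-escaped, so it can only ever be text."""
    return TEMPLATE.format(company=html.escape(company, quote=True),
                           employee=html.escape(employee, quote=True))

class _Audit(HTMLParser):
    """Collects the tags and fetch-capable attributes found in a document."""
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.tags = []
        self.fetches = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)
        for name, value in attrs:
            if name in FETCHING_ATTRS and value:
                self.fetches.append((tag, name, value))

def audit(document):
    """Return (tags, fetches) as the renderer would parse `document`."""
    parser = _Audit()
    parser.feed(document)
    parser.close()
    return parser.tags, parser.fetches

def is_safe_to_render(document):
    """Pre-render gate: only the template's tags, and nothing that fetches."""
    tags, fetches = audit(document)
    return tags == EXPECTED_TAGS and not fetches

# Constructed sample input: an employee name carrying markup.
SAMPLE_COMPANY = "Acme & Sons"
SAMPLE_EMPLOYEE = '<img src="http://placeholder.invalid/x.png">Jane'
```

Running `is_safe_to_render` on the HTML just before it is handed to the PDF or image renderer gives a regression test for the escaping, and the `fetches` list is worth logging when the gate fails.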

We started with basic HTML payloads and checked if we were able to render the same in PDF and image form. Since there
